New HTTPS Bicycle Attack On TLS/SSL Encrypted Web Traffic Can Reveal Your Passwords and GPS Coordinates
Most financial transactions and personal information are exchanged with sites that have enabled HTTPS encryption, and users trust HTTPS far more than plain-HTTP sites for their banking. A Dutch security researcher has now shown that the TLS/SSL layer under HTTPS still leaks something about what it protects, namely the size of the data, and that this leak can be exploited with what he calls the ‘HTTPS Bicycle Attack.’
Security researcher Guido Vranken discovered that with the HTTPS Bicycle Attack a passive attacker can extract information from HTTPS data streams without breaking the encryption. He has published a research paper (PDF) detailing how the attack works on TLS/SSL-encrypted traffic and how it can be used to reveal the length of users’ passwords, GPS coordinates and other fields.
According to Vranken, the HTTPS Bicycle Attack lets an attacker who can observe HTTPS traffic determine the exact length of some of the data exchanged underneath the TLS protection layer. Once the arithmetic works out, the attacker learns details such as the length of a cookie header, the length of a password sent in a POST request, or the length of GPS coordinates, IPv4 addresses, and other values carried in TLS-encrypted HTTP traffic. The lengths alone do not reveal the values, but they narrow down what the values can be.
What is HTTPS Bicycle Attack?
Vranken says that the HTTPS Bicycle Attack is entirely passive, so it leaves no trace on either the client or the server, and it can also be applied retroactively to HTTPS traffic captured years earlier. For an HTTPS Bicycle Attack to succeed, a few prerequisites need to be met. First, the HTTPS connection must use a cipher suite that does not pad the plaintext, that is, a stream cipher such as RC4 or a counter-mode/AEAD suite such as AES-GCM, so that the length of the ciphertext reveals the length of the plaintext exactly (a CBC suite pads to the block size and blurs the length to a 16-byte window). Second, the attacker must know the length of everything else in the request before the length of a specific part can be extracted.
Once these prerequisites are met, the attack requires no active interference with the connection: all the attacker needs is a capture of the HTTPS records of a user’s authentication request, plus knowledge of the HTTP requests the site and browser produce.
The attacker knows the victim’s username, the login URL, and the headers a browser sends alongside them (these are not secret, and an attacker can learn their sizes by sending the same requests to the same site). Subtracting the size of all of these known components from the observed plaintext size leaves a single unknown: the length of the user’s password. Knowing that length does not reveal the password itself, but it lets a brute-force or dictionary attack against the account skip every candidate that is not exactly that long.
Vranken states on his blog, “Redundancy of the plaintext HTTP headers included in each and every request can be exploited in order to reveal the length of particular components (such as passwords) of particular requests (such as authentication to a web application). The redundancy of HTTP in practice allows for an iterative resolution of the length of ‘unknowns’ in a HTTP message until the lengths of all its components are known except for a coveted secret, such as a password, whose length is then implied. The attack furthermore exploits the property of stream-oriented cipher suites such as those based on Galois/Counter Mode that the exact size of the plaintext can be known to a man-in-the-middle.”
Vranken has also published mitigations against the HTTPS Bicycle Attack. He recommends that webmasters turn off support for stream-oriented TLS cipher suites (in this respect AES-GCM counts as stream-oriented, since its ciphertext is exactly as long as the plaintext), use the latest version of the TLS protocol (1.2 at the time of writing), and add padding to any sensitive data sent via HTTPS so that its real length is masked. Note that switching to a padded block-cipher suite only blurs a field’s length to within one cipher block; padding the sensitive fields themselves to a fixed size is what actually removes the leak.
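The following Python script is an added illustration of the length arithmetic described in the paragraphs above (resolve the cookie length from a request where it is the only unknown, then use it to resolve the password length from the login POST) and of the padding mitigation recommended here. It is not Guido Vranken's code or tooling: the request layout, the host name bank.example, the cookie and the passwords are constructed sample data, and the record-size models are the TLS 1.2 framing of AES-GCM and AES-CBC/HMAC-SHA1 suites.

```python
"""
Added illustration of the HTTPS Bicycle Attack's length arithmetic and of
the padding mitigation. Not Guido Vranken's code: the request layout, host
name, cookie and passwords below are constructed sample data.
"""
from typing import Tuple

# TLS 1.2 AES-GCM record: 5-byte header + 8-byte explicit nonce + ciphertext
# (same length as the plaintext) + 16-byte tag. Plaintext length leaks exactly.
GCM_OVERHEAD = 5 + 8 + 16

# TLS 1.2 AES-CBC/HMAC-SHA1 record: 5-byte header + 16-byte IV +
# CBC(plaintext || 20-byte MAC || 1..16 bytes of padding). The plaintext
# length leaks only to within a 16-byte window.
CBC_FIXED, CBC_MAC, CBC_BLOCK = 5 + 16, 20, 16


def gcm_record_len(plaintext: bytes) -> int:
    return len(plaintext) + GCM_OVERHEAD


def gcm_plaintext_len(record_len: int) -> int:
    """What a passive observer learns from one GCM record: the exact length."""
    return record_len - GCM_OVERHEAD


def cbc_record_len(plaintext: bytes) -> int:
    body = len(plaintext) + CBC_MAC
    return CBC_FIXED + (body // CBC_BLOCK + 1) * CBC_BLOCK  # >= 1 pad byte


def cbc_plaintext_len_range(record_len: int) -> Tuple[int, int]:
    """What the observer learns from one CBC record: an inclusive interval."""
    padded = record_len - CBC_FIXED
    return padded - CBC_MAC - CBC_BLOCK, padded - CBC_MAC - 1


# Constructed request layouts. Everything except the cookie value and the
# password is fixed by the site or learnable by the attacker (for instance by
# sending the same requests from the same browser version).
def build_get(cookie_value: str) -> bytes:
    return (
        "GET /account HTTP/1.1\r\n"
        "Host: bank.example\r\n"
        "User-Agent: ExampleBrowser/1.0\r\n"
        f"Cookie: session={cookie_value}\r\n\r\n"
    ).encode()


def build_login_post(username: str, password: str, cookie_value: str,
                     bucket: int = 0) -> bytes:
    body = f"username={username}&password={password}"
    if bucket:  # mitigation: round the body up to a multiple of `bucket` bytes
        body += "&pad=" + "0" * (-(len(body) + 5) % bucket)
    return (
        "POST /login HTTP/1.1\r\n"
        "Host: bank.example\r\n"
        "User-Agent: ExampleBrowser/1.0\r\n"
        f"Cookie: session={cookie_value}\r\n"
        "Content-Type: application/x-www-form-urlencoded\r\n"
        f"Content-Length: {len(body)}\r\n\r\n"
    ).encode() + body.encode()


# Attacker side: only record sizes plus knowledge of the request layout.
def resolve_cookie_len(get_record_len: int) -> int:
    """Step 1: the GET has a single unknown, so one subtraction resolves it."""
    return gcm_plaintext_len(get_record_len) - len(build_get(""))


def resolve_password_len(post_record_len: int, username: str,
                         cookie_len: int) -> int:
    """Step 2: with the cookie length known, the password is the last unknown.
    Content-Length's digit count also depends on it, so search candidate
    lengths rather than doing one flat subtraction."""
    observed = gcm_plaintext_len(post_record_len)
    for n in range(0, 4096):
        if len(build_login_post(username, "x" * n, "c" * cookie_len)) == observed:
            return n
    raise ValueError("no password length fits the observed record size")


def demo() -> Tuple[int, int, Tuple[int, int], bool]:
    cookie, username, password = "a8f3d9c1e2b4", "alice", "correct horse"
    get_rec = gcm_record_len(build_get(cookie))
    post_rec = gcm_record_len(build_login_post(username, password, cookie))
    cookie_len = resolve_cookie_len(get_rec)                        # 12
    pw_len = resolve_password_len(post_rec, username, cookie_len)   # 13
    # Same POST under a padded CBC suite: only a 16-wide window is learned.
    window = cbc_plaintext_len_range(
        cbc_record_len(build_login_post(username, password, cookie)))
    # Application-level padding: two different passwords, identical record size.
    same = gcm_record_len(build_login_post(username, "short", cookie, 256)) == \
        gcm_record_len(build_login_post(username, password, cookie, 256))
    return cookie_len, pw_len, window, same


if __name__ == "__main__":
    print(demo())
```

Running the script shows the two-step resolution recovering the 12-character cookie and then the 13-character password from nothing but record sizes, the CBC window of 16 candidate lengths that a padded suite leaves the attacker with, and the padded form body under which a 5-character and a 13-character password produce records of exactly the same size.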